Using SSH keys
This topic explains how you can attach an SSH key to a credential using the SSH access method. It is assumed that administrators are already familiar with setting up and generating SSH keys.
Note
BMC Discovery supports only RSA2 and DSA private keys for certificate-based authentication. For hosts that only support SSH v1, you must use credentials for authentication.
When using SSH keys, the appliance must identify itself to discovery targets so it must use the private key. It is strongly recommended that you protect the private key with a strong passphrase. When they are uploaded, the key and the passphrase are stored in the credential vault.
If the attempted login is unsuccessful using the SSH key, the credential falls back and attempts to log in using the configured user name and password.
It is important to configure a user name and password even when an SSH key is to be used. When privileged command execution is required, that password is used in the command, for example sudo password command
.
Tip
After the key is stored in the credential vault, it is encrypted and cannot be recovered. You are strongly recommended to keep copies of private keys in secure storage according to your local security guidelines.
Comments
Log in or register to comment.